urlscan.io logo urlscan.io
SecurityTrails logo

bfllc.com Open in urlscan Pro
18.209.242.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://benchmarkfinancial.info/
Effective URL: https://bfllc.com/welcome
Submission: On March 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 18.209.242.7, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bfllc.com.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time bfllc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.17.116.163 19871 (NETWORK-S...)
6 18.209.242.7 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:238... 16509 (AMAZON-02)
3 192.88.0.96 53704 (EMONEYPROD)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
18 9
1    209.17.116.163 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
benchmarkfinancial.info
6    18.209.242.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-242-7.compute-1.amazonaws.com
bfllc.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:238d:be00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
3    192.88.0.96 (United States)

ASN53704 (EMONEYPROD, US)
abm.emaplan.com
2    2606:4700:20::681a:6dc (United States)

ASN13335 (CLOUDFLARENET, US)
www.freeprivacypolicy.com
2    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
6 bfllc.com
bfllc.com
698 KB
3 emaplan.com
abm.emaplan.com
4 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
13 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
63 KB
2 freeprivacypolicy.com
www.freeprivacypolicy.com — Cisco Umbrella Rank: 81532
35 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
ajax.googleapis.com — Cisco Umbrella Rank: 306
31 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3666
41 KB
1 benchmarkfinancial.info
benchmarkfinancial.info
206 B
18 8
Domain Requested by
6 bfllc.com bfllc.com
3 abm.emaplan.com bfllc.com
3 cdnjs.cloudflare.com bfllc.com
2 www.youtube.com bfllc.com
www.youtube.com
2 www.freeprivacypolicy.com 1 redirects bfllc.com
1 content.jwplatform.com bfllc.com
1 ajax.googleapis.com bfllc.com
1 fonts.googleapis.com bfllc.com
1 benchmarkfinancial.info 1 redirects
18 9

This site contains links to these domains. Also see Links.

Domain
www.adviserinfo.sec.gov.
static.twentyoverten.com
twentyoverten.com
Subject Issuer Validity Valid
bfllc.com
R3		 2023-01-31 -
2023-05-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
abm.emaplan.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-20 -
2024-01-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bfllc.com/welcome
Frame ID: 238A3F1644008CAAB96DE3663AE60CC2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Benchmark Financialfacebooktwitterinstagramlinkedingoogleyoutubevimeotumblryelprssemailpodcastblogsearchbrokercheckbrokercheck

Page URL History Show full URLs

  1. http://benchmarkfinancial.info/ HTTP 301
    https://bfllc.com/welcome Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

884 kB
Transfer

3630 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://benchmarkfinancial.info/ HTTP 301
    https://bfllc.com/welcome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.freeprivacypolicy.com/cookie-consent/releases/3.0.0/cookie-consent.js HTTP 301
  • https://www.freeprivacypolicy.com/public/cookie-consent/3.0.0/cookie-consent.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request welcome
bfllc.com/
Redirect Chain
  • http://benchmarkfinancial.info/
  • https://bfllc.com/welcome
27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e1dc16883fd56945de92e2b4f7025eed71435ed09fd425de777009fa38efb595

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Mar 2023 02:29:52 GMT
ETag
W/"6ca3-nuYkJBISeutTkmVHQS+smaz3pGI"
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
175
Content-Type
text/html
Date
Thu, 02 Mar 2023 02:29:52 GMT
Location
https://bfllc.com/welcome
Server
openresty/1.19.9.1
css
fonts.googleapis.com/ 		1 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:000,000i|Prata:000,000i|Muli:000,000i
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f27c9fca26c7acc04da68bdf35014003481de1ef62d573e3c7d825227a5006ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 02:29:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 02:29:53 GMT
global.css
bfllc.com/assets/frameworks/assets/dist/css/ 		263 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/assets/frameworks/assets/dist/css/global.css
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8b8e48e34a5377d098123ef7c12e2f202d7ce0e4bebaf7b8bf502c276b628b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 17:49:52 GMT
X-Powered-By
Express
ETag
W/"41c46-1825fada902"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
main.css
bfllc.com/assets/frameworks/themes/fresnel/2.0.0/assets/dist/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/assets/frameworks/themes/fresnel/2.0.0/assets/dist/css/main.css
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a13a3b3fefe310f4f4c7ebc29c52378e4c7af9088f45dbf71f8e339d091666bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 17:49:52 GMT
X-Powered-By
Express
ETag
W/"ac04-1825fada926"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
custom.css
bfllc.com/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/assets/css/custom.css
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
85f617b1f2edc5bdfe3cbc3fff2b17ad8e2cf58082ea74f5e80dbeffebb62343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
W/"2d7a-/CR8Q87g1VG5YbDWlbr1W6GM2wI"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:50:45 GMT
global-2.0.2.js
bfllc.com/assets/frameworks/assets/dist/js/ 		2 MB
457 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/assets/frameworks/assets/dist/js/global-2.0.2.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
bfa106ff2d90218c655473283ad6777e2d5c4a0e6b73c6b3c18f689591905957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 17:49:52 GMT
X-Powered-By
Express
ETag
W/"1cd4e7-1825fada90e"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
main-2.0.0.js
bfllc.com/assets/frameworks/themes/fresnel/2.0.0/assets/dist/js/ 		895 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfllc.com/assets/frameworks/themes/fresnel/2.0.0/assets/dist/js/main-2.0.0.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-242-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e40a7b08e319403bea404d6e38c7129a15b3c684151d6dac2723b5e1c4ea9a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 17:49:52 GMT
X-Powered-By
Express
ETag
W/"dfbd1-1825fada936"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
sjcl.js
cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.8/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.8/sjcl.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09a8688f37c7442bb1e6699b46efb191d9281ef05a492586fa0f54dc4e5110a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://bfllc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
201303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7925
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-6322"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEmta4dNhHgWYAvzDIgIOTLV8MaR6DpqUcCsCEQe%2BrTUp9eq5xUA9zR%2ByN995HcGfa9vv7EnN%2Ber2W%2FYV5Mcio3EKXN%2FEQmTnOFVjd4i4e3E%2FN2YgLQvhNwpiaV%2BsDHyrI%2BB2hMTPqxdbseavp3fUAK%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a1636eed9873615-FRA
expires
Tue, 20 Feb 2024 02:29:53 GMT
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bfllc.com/
Origin
https://bfllc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2287576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4256
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3430"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qX8yOxEMSn1fAEkFge6XQfYn2PgIQ7CU5sTr3wFTCnLTcImcsssDf8LHI1G%2BtGsA7izwTyAWbHhcbGfOMCWDzrsm%2BzBYVBCsZyFbis7f%2BNYjkzH3tPL8xLw2lJ5bVXHmZxkXoYOrLL7RM%2By9ReOFcuJo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a1636eed98a3615-FRA
expires
Tue, 20 Feb 2024 02:29:53 GMT
mode-ecb.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.0/ 		456 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.0/mode-ecb.min.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a797464eae83bbad74f82c40953128a596448f97447f97a0b8df101f34c28ee
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://bfllc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
143476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
200
last-modified
Thu, 22 Jul 2021 10:08:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f9439e-c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCVtYEGR1%2FCCWaIsANWyhJ%2B26VvMlWMMc9OglfVxxrmAip3cuMrx8kI5Pk8tE5JFdrYHlql3RtqHBC8Vstfgex%2F7sSXRrRhj8MolN4FAWQL9ajbwMerxrQEEBwQyK%2FCwrfprFxlikWVE1FAeRQGRHwNV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a1636eed98c3615-FRA
expires
Tue, 20 Feb 2024 02:29:53 GMT
ljXVSIQY.js
content.jwplatform.com//libraries/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com//libraries/ljXVSIQY.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:be00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
82bf74fec23aebf7a282f2a8e35493be0359c4c0e9e9f7eea719aa21bf2f36d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
gzip
via
1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41182
x-amz-cf-id
1JikjikloKFeRv6cwzq4YmhIs2qXF340qiN360xlSUz-XMkImGMMFA==
Embed
abm.emaplan.com/ABM/MediaServe/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abm.emaplan.com/ABM/MediaServe/Embed?token=102f10b1264b438bb733333ff663b76f
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.88.0.96 , United States, ASN53704 (EMONEYPROD, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
74cdeaa287c137359b36a6cccf93d7f606e91d1ca8843a3880533b7804f02e54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Server
Kestrel
X-Powered-By
ASP.NET
Content-Length
1169
Content-Type
application/javascript
Embed
abm.emaplan.com/ABM/MediaServe/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abm.emaplan.com/ABM/MediaServe/Embed?token=d4a0443092fd4e62aa6a6e66704d3a23
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.88.0.96 , United States, ASN53704 (EMONEYPROD, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
0a8acbae2c1c3fc65cd08320db80ddbbfdb701cdf1b87fdc1183f8c1b4abeb80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Server
Kestrel
X-Powered-By
ASP.NET
Content-Length
1154
Content-Type
application/javascript
Embed
abm.emaplan.com/ABM/MediaServe/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abm.emaplan.com/ABM/MediaServe/Embed?token=d6ac2c4d557f4d098551841798fa15c4
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.88.0.96 , United States, ASN53704 (EMONEYPROD, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
94f80e6021e6ad32b30ff51e1e403f219dedec574390dd100a9bd24fa890da3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 02:29:53 GMT
Server
Kestrel
X-Powered-By
ASP.NET
Content-Length
1197
Content-Type
application/javascript
cookie-consent.js
www.freeprivacypolicy.com/public/cookie-consent/3.0.0/
Redirect Chain
  • https://www.freeprivacypolicy.com/cookie-consent/releases/3.0.0/cookie-consent.js
  • https://www.freeprivacypolicy.com/public/cookie-consent/3.0.0/cookie-consent.js
126 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freeprivacypolicy.com/public/cookie-consent/3.0.0/cookie-consent.js
Requested by
Host: bfllc.com
URL: https://bfllc.com/welcome
Protocol
H2
Server
2606:4700:20::681a:6dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe6b9bc7b9e46145dc056023f9d7130713299f17e25fc0141506116dac5ee1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-priority
5/n
date
Thu, 02 Mar 2023 02:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27304
x-z
5179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 09:40:44 GMT
server
cloudflare
etag
W/"d29026e2baadca227aaba80670d3bad2"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E70YmTzhLMGSt6bKtH%2BaC%2F6NunMuDfJ6xyCA%2FqbNjwjajuUyCMj8k07c%2BCX7Sje0FgVJZhaNlzPUcXZo8c%2FJ8s9ZkHa0hrmumcIwIvg7di4e0LT9KpI6Ur47m9yqq1%2BbpkfCfPKTi6CTgjLAm31d%2FUQnEjnY018%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, immutable, max-age=3600
cf-ray
7a1636ef0b3a30d2-FRA
expires
Wed, 01 Mar 2023 11:40:44 GMT

Redirect headers

expires
Wed, 01 Mar 2023 10:59:58 GMT
date
Thu, 02 Mar 2023 02:29:53 GMT
via
1.1 varnish (Varnish/7.1)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Mar 2023 08:59:58 GMT
server
cloudflare
x-ha-hardened
true
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FPLbiPUTEBengLDdW5ZdZx58%2B004TpOV9YYxdpgC9NynOqNDEtRdXBhLi1d9veRcw%2BYhpgmsCe8uHdmVOy5FaEOoq1qGqaSdIzHDrDUUPDruuAWTfAbllWmnFycyXseiLh2WrC2dMRV3eWCdu9%2FXEBY4d6XUUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://www.freeprivacypolicy.com/public/cookie-consent/3.0.0/cookie-consent.js
cache-control
public, immutable, max-age=3600
cf-ray
7a1636eedb1130d2-FRA
x-priority
5/n
truncated
/ 		616 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fede21c8e298d06eea0e4a758d4554d810e673fdc61d79d1eb52f571fd677ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: bfllc.com
URL: https://bfllc.com/assets/frameworks/assets/dist/js/global-2.0.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab939d67f2d5e9a75656a384802ff694c032f0bc3c3c9b2341473e12c31380c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 02:29:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 02 Mar 2023 02:29:54 GMT
www-widgetapi.js
www.youtube.com/s/player/a897053d/www-widgetapi.vflset/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a897053d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976d171df4645e5820578c3acd55ffdde81165f8570ab5a29c3980000531e6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bfllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 00:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
6228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63001
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 01:19:35 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Mar 2024 00:46:06 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| appUrl string| siteUrl boolean| suppress boolean| calendlyActive function| $ function| jQuery function| AESencrypt function| AESdecrypt function| sha256 object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| player object| cookieconsent object| sjcl function| t function| u function| A function| C function| y function| z function| B undefined| D undefined| E object| F boolean| G undefined| H object| CryptoJS function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ boolean| vidimYouTubeAPIReady

3 Cookies

Domain/Path Name / Value
bfllc.com/ Name: cookie_consent_level
Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Atrue%2C%22tracking%22%3Atrue%2C%22targeting%22%3Atrue%7D
.youtube.com/ Name: YSC
Value: Y9r6Rf0TMq0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2Y3pmqloNVs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abm.emaplan.com
ajax.googleapis.com
benchmarkfinancial.info
bfllc.com
cdnjs.cloudflare.com
content.jwplatform.com
fonts.googleapis.com
www.freeprivacypolicy.com
www.youtube.com
18.209.242.7
192.88.0.96
209.17.116.163
2600:9000:238d:be00:1:a3fa:7cc0:93a1
2606:4700:20::681a:6dc
2606:4700::6811:190e
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200a
2a00:1450:400d:807::200e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a8acbae2c1c3fc65cd08320db80ddbbfdb701cdf1b87fdc1183f8c1b4abeb80
1a797464eae83bbad74f82c40953128a596448f97447f97a0b8df101f34c28ee
1fe6b9bc7b9e46145dc056023f9d7130713299f17e25fc0141506116dac5ee1c
74cdeaa287c137359b36a6cccf93d7f606e91d1ca8843a3880533b7804f02e54
82bf74fec23aebf7a282f2a8e35493be0359c4c0e9e9f7eea719aa21bf2f36d2
85f617b1f2edc5bdfe3cbc3fff2b17ad8e2cf58082ea74f5e80dbeffebb62343
8b8e48e34a5377d098123ef7c12e2f202d7ce0e4bebaf7b8bf502c276b628b5a
94f80e6021e6ad32b30ff51e1e403f219dedec574390dd100a9bd24fa890da3e
976d171df4645e5820578c3acd55ffdde81165f8570ab5a29c3980000531e6c7
a13a3b3fefe310f4f4c7ebc29c52378e4c7af9088f45dbf71f8e339d091666bd
ab939d67f2d5e9a75656a384802ff694c032f0bc3c3c9b2341473e12c31380c4
bfa106ff2d90218c655473283ad6777e2d5c4a0e6b73c6b3c18f689591905957
d09a8688f37c7442bb1e6699b46efb191d9281ef05a492586fa0f54dc4e5110a
e1dc16883fd56945de92e2b4f7025eed71435ed09fd425de777009fa38efb595
e40a7b08e319403bea404d6e38c7129a15b3c684151d6dac2723b5e1c4ea9a8e
f27c9fca26c7acc04da68bdf35014003481de1ef62d573e3c7d825227a5006ea
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
fede21c8e298d06eea0e4a758d4554d810e673fdc61d79d1eb52f571fd677ca6